Ad: Manage updates with the Download App
  • CNET
  • All Security posts

Security

McAfee, NIST partner to boost U.S. cyberdefenses

Security firm McAfee is working with the National Institute of Standards and Technology to try to shore up America's defenses against cyberthreats.

McAfee announced today that the company is now part of the the National Cybersecurity Excellence Partnership and will join cybersecurity professionals from both the private and public sector to tackle the escalating problem of computer-based threats.

The partnership is part of the National Cybersecurity Center of Excellence, which is hosted by NIST in collaboration with the state of Maryland and Maryland's Montgomery County.

Launched in February 2012, the center has a particular slant toward sharing technology … Read more

Microsoft pulls security update over software conflicts

A security update issued by Microsoft on Tuesday isn't playing nicely with other software, prompting Microsoft to pull it from its download center.

Dustin Childs, group manager of Microsoft Trustworthy Computing, revealed the problem in a blog post late yesterday:

We are aware that some of our customers may be experiencing difficulties after applying security update 2823324, which we provided in security bulletin MS13-036 on Tuesday, April 9. We've determined that the update, when paired with certain third-party software, can cause system errors. As a precaution, we stopped pushing 2823324 as an update when we began investigating the … Read more

Guantanamo legal files mysteriously disappear from PCs

In an institution already cloaked in mystery, puzzling happenings seem to be afoot at Guantanamo Bay prison.

Not only have many legal files suddenly disappeared from the defense team's computers, but also hundreds of thousands their documents have landed on the prosecution's computers, according to Reuters. This debacle has caused several pretrial hearings in the prison's military tribunals to be delayed.

It's not clear how the files vanished or if there was any illegal action behind the disappearance. It could have been a simple computer blip, IT issues, a security breach, hackers, or one of the … Read more

Microsoft fixes two critical flaws for April's Patch Tuesday

Microsoft has released two critical security updates for Windows and Internet Explorer as part of its latest round of Patch Tuesday updates

Included in the patches are seven important updates for Office, SharePoint, and Windows Server products, which are hitting the usual update channels today.

The first critical bulletin affects versions of Internet Explorer 6 and above on Windows XP, Windows Vista, and Windows 7. It also affects Internet Explorer 10 on Windows 8 and Windows RT-based tablets.

It addresses two separate flaws, one that allows remote code execution -- such as a malware injection -- if an affected … Read more

Prepare for and respond to a lost or stolen smartphone

How bad is the smartphone-theft epidemic? San Francisco District Attorney George Gascon accuses phone companies of profiting from stolen phones, as Michael Scherer reported last month on Time's Swampland site. Gascon is one of several leading law-enforcement officials calling for carriers to be required to implement technology that permanently deactivates stolen phones. It is simply too easy for thieves to resell smartphones.

One year ago, the major cellphone services announced via the CTIA Wireless Association plans to create a database "designed to prevent GSM smartphones reported as stolen from being activated or provided service." The database was … Read more

Microsoft to add dual-factor sign-on security 'soon': report

Microsoft will toughen up its products' security by adding dual-factor authentication "soon," according to a report today by Liveside.net.

Judging by details in the Microsoft-focused blog, the approach closely mirrors what Google did years ago: authorization requiring both a password (the first factor) and a special six-digit code retrieved from an authenticator app on a person's smartphone (the second factor). The smartphone code changes frequently so it can't be used for long.

Microsoft offered only this comment today: "Security and privacy is a priority for Microsoft, however we have nothing new to share at … Read more

U.S. Air Force designates six cybertools as weapons

Six cybertools have been designated as weapons by the U.S. Air Force, allowing the programs to better compete for increasingly scarce Pentagon funding, an Air Force official said on Monday.

Lt. Gen. John Hyten, vice commander of Air Force Space Command, told a conference held in conjunction with the National Space Symposium that the new designations would boost the profile of the military's cyberoperations as countries grapple with attacks originating from the Internet.

"This means that the game-changing capability that cyber is, is going to get more attention and the recognition that it deserves," Hyten told … Read more

Windows 8's rising security tide raises all antivirus boats

In one of the first independent tests of third-party security suites on Windows 8, nearly all antivirus and anti-malware software tested well. What may surprise you is that even without a third-party suite, Windows 8 is relatively resistant to modern threats like zero-day attacks, according to the report.

Independent German security suite evaluators AV-Test.org publish bimonthly tests that rate the effectiveness of the biggest Windows security suites out there and rated all 26 of the suites they tested on Windows 8 in January and February as "certified," including Windows 8 itself. This is because Windows 8 comes … Read more

Samsung goes Absolute for mobile security

Samsung has tapped Absolute Software to embed the corporate security solutions provider's patented persistence technology onto its mobile devices -- most notably onto the upcoming Galaxy S4 smartphone.

Headed for Samsung Knox when it debuts this year, Absolute boasted that Samsung's mobile devices will then be the first worldwide to offer "constant, tamper-proof security connection for tracking, wiping, recovery and IT servicing" by including its endpoint security and management software.

For reference, Knox is Samsung's mobile security platform for professional and personal accounts on enhanced versions of Android.

The Vancouver, B.C.-headquartered company said … Read more

How you may have inadvertently participated in recent DDoS attacks

The risk that an Internet-connected computer is infected with malware will never be reducible to zero. It's just the nature of software that errors happen. Where there are software-design errors, there are people who will exploit those errors to their advantage.

The best PC users can hope for is to minimize the chances of an infection and to mitigate the damage a piece of malware can inflict -- whether it intends to steal a user's sensitive data or to commandeer the machine as part of a cyber attack on servers thousands of miles away.

Last week, Internet users … Read more